From 8ab2f623fa1d11a2aaec35226cb7a1456fc257d8 Mon Sep 17 00:00:00 2001 From: Guillaume Nault Date: Tue, 20 Feb 2018 18:50:25 +0100 Subject: radius: add support for route priority (metric) in Framed-Route Let an optional route priority (aka metric) be defined in RADIUS Framed-Route attributes. The priority is an integer placed at the end of the route string. This is backward compatible with the previous format and also conforms with the recommended format defined by RFC 2865 (although we don't allow multiple metrics). Framed-Route format is: [ []] For example, 'Framed-Route = "192.0.2.0/24 203.0.113.1 8"' will let the following route be installed (assuming 203.0.113.1 is routed through eth0): $ ip route show [...] 192.0.2.0/24 via 203.0.113.1 dev eth0 metric 8 It's possible to use the unspecified gateway (0.0.0.0) if one wants to set a priority without specifying a gateway address. Finally, route deletion now also takes the priority into account, in order to avoid removing a different route accidentally. Signed-off-by: Guillaume Nault --- accel-pppd/ctrl/ipoe/ipoe.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'accel-pppd/ctrl') diff --git a/accel-pppd/ctrl/ipoe/ipoe.c b/accel-pppd/ctrl/ipoe/ipoe.c index 35f97d83..5fd64e2a 100644 --- a/accel-pppd/ctrl/ipoe/ipoe.c +++ b/accel-pppd/ctrl/ipoe/ipoe.c @@ -977,9 +977,9 @@ static void __ipoe_session_activate(struct ipoe_session *ses) if (ses->ifindex == -1) { if (!conf_ip_unnumbered) - iproute_add(serv->ifindex, ses->router, ses->yiaddr, 0, conf_proto, ses->mask); + iproute_add(serv->ifindex, ses->router, ses->yiaddr, 0, conf_proto, ses->mask, 0); else if (!serv->opt_ifcfg) - iproute_add(serv->ifindex, serv->opt_src ?: ses->router, ses->yiaddr, 0, conf_proto, 32); + iproute_add(serv->ifindex, serv->opt_src ?: ses->router, ses->yiaddr, 0, conf_proto, 32, 0); } if (ses->l4_redirect) @@ -1078,7 +1078,7 @@ static void ipoe_session_started(struct ap_session *s) if (ses->ses.ipv4->peer_addr != ses->yiaddr) //ipaddr_add_peer(ses->ses.ifindex, ses->router, ses->yiaddr); // breaks quagga - iproute_add(ses->ses.ifindex, ses->router, ses->yiaddr, 0, conf_proto, 32); + iproute_add(ses->ses.ifindex, ses->router, ses->yiaddr, 0, conf_proto, 32, 0); if (ses->ifindex != -1 && ses->xid) { ses->dhcpv4 = dhcpv4_create(ses->ctrl.ctx, ses->ses.ifname, ""); @@ -1163,9 +1163,9 @@ static void ipoe_session_finished(struct ap_session *s) if (serv->opt_ifcfg) ipaddr_del(serv->ifindex, ses->router, conf_ip_unnumbered ? 32 : ses->mask); else if (conf_ip_unnumbered) - iproute_del(serv->ifindex, ses->yiaddr, conf_proto, 32); + iproute_del(serv->ifindex, ses->yiaddr, conf_proto, 32, 0); else - iproute_del(serv->ifindex, ses->yiaddr, conf_proto, ses->mask); + iproute_del(serv->ifindex, ses->yiaddr, conf_proto, ses->mask, 0); } if (ses->dhcp_addr) -- cgit v1.2.3 From 6e7c20d8b1eaca421793cc3876c84a0ab718282e Mon Sep 17 00:00:00 2001 From: Dmitry Kozlov Date: Sat, 3 Mar 2018 12:06:06 +0300 Subject: pppoe: fixed PADO delaying function --- accel-pppd/ctrl/pppoe/pppoe.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'accel-pppd/ctrl') diff --git a/accel-pppd/ctrl/pppoe/pppoe.c b/accel-pppd/ctrl/pppoe/pppoe.c index 11a6ea1f..7ab20e35 100644 --- a/accel-pppd/ctrl/pppoe/pppoe.c +++ b/accel-pppd/ctrl/pppoe/pppoe.c @@ -1055,7 +1055,8 @@ static void pppoe_recv_PADI(struct pppoe_serv_t *serv, uint8_t *pack, int size) pado->ppp_max_payload = ppp_max_payload; pado->timer.expire = pado_timer; - pado->timer.period = pado_delay; + pado->timer.expire_tv.tv_sec = pado_delay / 1000; + pado->timer.expire_tv.tv_usec = (pado_delay % 1000) * 1000; triton_timer_add(&serv->ctx, &pado->timer, 0); -- cgit v1.2.3 From 939e952452dd856a574a1d78c15181a93a593996 Mon Sep 17 00:00:00 2001 From: Vladislav Grishenko Date: Sun, 4 Mar 2018 02:29:46 +0500 Subject: fix possible null pointer dereferences --- accel-pppd/ctrl/ipoe/dhcpv4.c | 4 +++- accel-pppd/ctrl/l2tp/l2tp.c | 2 +- accel-pppd/lua/session.c | 6 ++++-- accel-pppd/radius/backup.c | 7 +++++-- 4 files changed, 13 insertions(+), 6 deletions(-) (limited to 'accel-pppd/ctrl') diff --git a/accel-pppd/ctrl/ipoe/dhcpv4.c b/accel-pppd/ctrl/ipoe/dhcpv4.c index dde50603..8a395ea8 100644 --- a/accel-pppd/ctrl/ipoe/dhcpv4.c +++ b/accel-pppd/ctrl/ipoe/dhcpv4.c @@ -1145,7 +1145,7 @@ void dhcpv4_reserve_ip(struct dhcpv4_serv *serv, uint32_t ip) struct dhcpv4_packet *dhcpv4_clone_radius(struct rad_packet_t *rad) { struct dhcpv4_packet *pkt = dhcpv4_packet_alloc(); - uint8_t *ptr = pkt->data, *endptr = ptr + BUF_SIZE; + uint8_t *ptr, *endptr; struct dhcpv4_option *opt; struct rad_attr_t *attr; @@ -1153,6 +1153,8 @@ struct dhcpv4_packet *dhcpv4_clone_radius(struct rad_packet_t *rad) return NULL; pkt->refs = 1; + ptr = pkt->data; + endptr = ptr + BUF_SIZE; list_for_each_entry(attr, &rad->attrs, entry) { if (attr->vendor && attr->vendor->id == VENDOR_DHCP && attr->attr->id < 256) { diff --git a/accel-pppd/ctrl/l2tp/l2tp.c b/accel-pppd/ctrl/l2tp/l2tp.c index 55881b8d..cbb9de6b 100644 --- a/accel-pppd/ctrl/l2tp/l2tp.c +++ b/accel-pppd/ctrl/l2tp/l2tp.c @@ -3119,7 +3119,7 @@ static int rescode_get_data(const struct l2tp_attr_t *result_attr, return 2; *err_msg = _malloc(msglen + 1); - if (err_msg) { + if (*err_msg) { memcpy(*err_msg, resavp->error_msg, msglen); (*err_msg)[msglen] = '\0'; } diff --git a/accel-pppd/lua/session.c b/accel-pppd/lua/session.c index d65a67bd..277b299f 100644 --- a/accel-pppd/lua/session.c +++ b/accel-pppd/lua/session.c @@ -217,11 +217,12 @@ static int session_rx_bytes(lua_State *L) { struct ap_session *ses = luaL_checkudata(L, 1, LUA_AP_SESSION); uint64_t gword_sz = (uint64_t)UINT32_MAX + 1; - uint64_t bytes = gword_sz*ses->acct_input_gigawords + ses->acct_rx_bytes; + uint64_t bytes; if (!ses) return 0; + bytes = gword_sz*ses->acct_input_gigawords + ses->acct_rx_bytes; lua_pushnumber(L, bytes); return 1; @@ -231,11 +232,12 @@ static int session_tx_bytes(lua_State *L) { struct ap_session *ses = luaL_checkudata(L, 1, LUA_AP_SESSION); uint64_t gword_sz = (uint64_t)UINT32_MAX + 1; - uint64_t bytes = gword_sz*ses->acct_output_gigawords + ses->acct_tx_bytes; + uint64_t bytes; if (!ses) return 0; + bytes = gword_sz*ses->acct_output_gigawords + ses->acct_tx_bytes; lua_pushnumber(L, bytes); return 1; diff --git a/accel-pppd/radius/backup.c b/accel-pppd/radius/backup.c index 93ab3eb0..46041d78 100644 --- a/accel-pppd/radius/backup.c +++ b/accel-pppd/radius/backup.c @@ -30,8 +30,8 @@ static int session_save(struct ap_session *ses, struct backup_mod *m) { struct radius_pd_t *rpd = find_pd(ses); - uint64_t session_timeout = ses->start_time + rpd->session_timeout.expire_tv.tv_sec; - uint32_t idle_timeout = rpd->idle_timeout.period / 1000; + uint64_t session_timeout; + uint32_t idle_timeout; if (!rpd) return 0; @@ -39,6 +39,9 @@ static int session_save(struct ap_session *ses, struct backup_mod *m) if (!rpd->authenticated) return -2; + session_timeout = ses->start_time + rpd->session_timeout.expire_tv.tv_sec; + idle_timeout = rpd->idle_timeout.period / 1000; + add_tag(RAD_TAG_INTERIM_INTERVAL, &rpd->acct_interim_interval, 4); if (rpd->session_timeout.tpd) -- cgit v1.2.3